Microsoft Bans Weak Passwords

In light of the breach of LinkedIn last week, which put 117 million users at risk, Microsoft has put into play new password security for users of its Azure Active Directory.

Users are going to be prohibited from using weak passwords. Banned will be passwords that appear on breach lists or have been used multiple times under suspicious log in attempts.

Alex Weinart, group program manager of the Azure AD Identity Protection team, stated: "What we do with the data is prevent you from having a password anywhere near the current attack list, so those attacks won't work.”

Microsoft wants its users to alter the way they look at password usage. Weinart went on to say that password length requirements, password “complexity” requirements and regular, periodic password expiration no longer are adequate and, in fact, make cracking passwords easier for miscreants.